search

nccgroup / blackboxprotobuf

Blackbox Protobuf is a set of tools for working with encoded Protocol Buffers (protobuf) without the matching protobuf definition.
MIT License
516 stars 86 forks source link

possible bug #14

Closed huikmnh closed 1 year ago

huikmnh commented 1 year ago

When i try to decode a legal protobuf buffer, it failed, while protoc --decode_raw succeed.

a.py:

---------------------------------

import blackboxprotobuf a = open('bug.bin', 'rb').read() blackboxprotobuf.decode_message(a)

---------------------------------

bug.bin:

https://freeshell.de/~vernon/bug.bin

python3 a.py Fatal Python error: Cannot recover from stack overflow. Python runtime state: initialized

Current thread 0x00007f9db5912740 (most recent call first): File "/usr/local/lib/python3.8/dist-packages/google/protobuf/internal/decoder.py", line 126 in DecodeVarint File "/usr/local/lib/python3.8/dist-packages/blackboxprotobuf/lib/types/length_delim.py", line 149 in decode_message File "/usr/local/lib/python3.8/dist-packages/blackboxprotobuf/lib/types/length_delim.py", line 309 in decode_group File "/usr/local/lib/python3.8/dist-packages/blackboxprotobuf/lib/types/length_delim.py", line 245 in decode_message File "/usr/local/lib/python3.8/dist-packages/blackboxprotobuf/lib/types/length_delim.py", line 309 in decode_group File "/usr/local/lib/python3.8/dist-packages/blackboxprotobuf/lib/types/length_delim.py", line 245 in decode_message File "/usr/local/lib/python3.8/dist-packages/blackboxprotobuf/lib/types/length_delim.py", line 294 in decode_lendelim_message File "/usr/local/lib/python3.8/dist-packages/blackboxprotobuf/lib/types/length_delim.py", line 14 in decode_guess File "/usr/local/lib/python3.8/dist-packages/blackboxprotobuf/lib/types/length_delim.py", line 175 in decode_message File "/usr/local/lib/python3.8/dist-packages/blackboxprotobuf/lib/types/length_delim.py", line 309 in decode_group File "/usr/local/lib/python3.8/dist-packages/blackboxprotobuf/lib/types/length_delim.py", line 245 in decode_message File "/usr/local/lib/python3.8/dist-packages/blackboxprotobuf/lib/types/length_delim.py", line 294 in decode_lendelim_message File "/usr/local/lib/python3.8/dist-packages/blackboxprotobuf/lib/types/length_delim.py", line 14 in decode_guess File "/usr/local/lib/python3.8/dist-packages/blackboxprotobuf/lib/types/length_delim.py", line 175 in decode_message File "/usr/local/lib/python3.8/dist-packages/blackboxprotobuf/lib/types/length_delim.py", line 309 in decode_group File "/usr/local/lib/python3.8/dist-packages/blackboxprotobuf/lib/types/length_delim.py", line 245 in decode_message File "/usr/local/lib/python3.8/dist-packages/blackboxprotobuf/lib/types/length_delim.py", line 294 in decode_lendelim_message File "/usr/local/lib/python3.8/dist-packages/blackboxprotobuf/lib/types/length_delim.py", line 14 in decode_guess File "/usr/local/lib/python3.8/dist-packages/blackboxprotobuf/lib/types/length_delim.py", line 175 in decode_message File "/usr/local/lib/python3.8/dist-packages/blackboxprotobuf/lib/types/length_delim.py", line 309 in decode_group File "/usr/local/lib/python3.8/dist-packages/blackboxprotobuf/lib/types/length_delim.py", line 245 in decode_message File "/usr/local/lib/python3.8/dist-packages/blackboxprotobuf/lib/types/length_delim.py", line 294 in decode_lendelim_message File "/usr/local/lib/python3.8/dist-packages/blackboxprotobuf/lib/types/length_delim.py", line 14 in decode_guess File "/usr/local/lib/python3.8/dist-packages/blackboxprotobuf/lib/types/length_delim.py", line 175 in decode_message File "/usr/local/lib/python3.8/dist-packages/blackboxprotobuf/lib/types/length_delim.py", line 309 in decode_group File "/usr/local/lib/python3.8/dist-packages/blackboxprotobuf/lib/types/length_delim.py", line 245 in decode_message File "/usr/local/lib/python3.8/dist-packages/blackboxprotobuf/lib/types/length_delim.py", line 294 in decode_lendelim_message File "/usr/local/lib/python3.8/dist-packages/blackboxprotobuf/lib/types/length_delim.py", line 14 in decode_guess File "/usr/local/lib/python3.8/dist-packages/blackboxprotobuf/lib/types/length_delim.py", line 175 in decode_message File "/usr/local/lib/python3.8/dist-packages/blackboxprotobuf/lib/types/length_delim.py", line 309 in decode_group File "/usr/local/lib/python3.8/dist-packages/blackboxprotobuf/lib/types/length_delim.py", line 245 in decode_message File "/usr/local/lib/python3.8/dist-packages/blackboxprotobuf/lib/types/length_delim.py", line 294 in decode_lendelim_message File "/usr/local/lib/python3.8/dist-packages/blackboxprotobuf/lib/types/length_delim.py", line 14 in decode_guess File "/usr/local/lib/python3.8/dist-packages/blackboxprotobuf/lib/types/length_delim.py", line 175 in decode_message File "/usr/local/lib/python3.8/dist-packages/blackboxprotobuf/lib/types/length_delim.py", line 309 in decode_group File "/usr/local/lib/python3.8/dist-packages/blackboxprotobuf/lib/types/length_delim.py", line 245 in decode_message File "/usr/local/lib/python3.8/dist-packages/blackboxprotobuf/lib/types/length_delim.py", line 294 in decode_lendelim_message File "/usr/local/lib/python3.8/dist-packages/blackboxprotobuf/lib/types/length_delim.py", line 14 in decode_guess File "/usr/local/lib/python3.8/dist-packages/blackboxprotobuf/lib/types/length_delim.py", line 175 in decode_message File "/usr/local/lib/python3.8/dist-packages/blackboxprotobuf/lib/types/length_delim.py", line 294 in decode_lendelim_message File "/usr/local/lib/python3.8/dist-packages/blackboxprotobuf/lib/types/length_delim.py", line 14 in decode_guess File "/usr/local/lib/python3.8/dist-packages/blackboxprotobuf/lib/types/length_delim.py", line 175 in decode_message File "/usr/local/lib/python3.8/dist-packages/blackboxprotobuf/lib/types/length_delim.py", line 294 in decode_lendelim_message File "/usr/local/lib/python3.8/dist-packages/blackboxprotobuf/lib/types/length_delim.py", line 14 in decode_guess File "/usr/local/lib/python3.8/dist-packages/blackboxprotobuf/lib/types/length_delim.py", line 175 in decode_message File "/usr/local/lib/python3.8/dist-packages/blackboxprotobuf/lib/types/length_delim.py", line 294 in decode_lendelim_message File "/usr/local/lib/python3.8/dist-packages/blackboxprotobuf/lib/types/length_delim.py", line 14 in decode_guess File "/usr/local/lib/python3.8/dist-packages/blackboxprotobuf/lib/types/length_delim.py", line 175 in decode_message File "/usr/local/lib/python3.8/dist-packages/blackboxprotobuf/lib/types/length_delim.py", line 309 in decode_group File "/usr/local/lib/python3.8/dist-packages/blackboxprotobuf/lib/types/length_delim.py", line 245 in decode_message File "/usr/local/lib/python3.8/dist-packages/blackboxprotobuf/lib/types/length_delim.py", line 309 in decode_group File "/usr/local/lib/python3.8/dist-packages/blackboxprotobuf/lib/types/length_delim.py", line 245 in decode_message File "/usr/local/lib/python3.8/dist-packages/blackboxprotobuf/lib/types/length_delim.py", line 309 in decode_group File "/usr/local/lib/python3.8/dist-packages/blackboxprotobuf/lib/types/length_delim.py", line 245 in decode_message File "/usr/local/lib/python3.8/dist-packages/blackboxprotobuf/lib/types/length_delim.py", line 309 in decode_group File "/usr/local/lib/python3.8/dist-packages/blackboxprotobuf/lib/types/length_delim.py", line 245 in decode_message File "/usr/local/lib/python3.8/dist-packages/blackboxprotobuf/lib/types/length_delim.py", line 294 in decode_lendelim_message File "/usr/local/lib/python3.8/dist-packages/blackboxprotobuf/lib/types/length_delim.py", line 14 in decode_guess File "/usr/local/lib/python3.8/dist-packages/blackboxprotobuf/lib/types/length_delim.py", line 175 in decode_message File "/usr/local/lib/python3.8/dist-packages/blackboxprotobuf/lib/types/length_delim.py", line 309 in decode_group File "/usr/local/lib/python3.8/dist-packages/blackboxprotobuf/lib/types/length_delim.py", line 245 in decode_message File "/usr/local/lib/python3.8/dist-packages/blackboxprotobuf/lib/types/length_delim.py", line 294 in decode_lendelim_message File "/usr/local/lib/python3.8/dist-packages/blackboxprotobuf/lib/types/length_delim.py", line 14 in decode_guess File "/usr/local/lib/python3.8/dist-packages/blackboxprotobuf/lib/types/length_delim.py", line 175 in decode_message File "/usr/local/lib/python3.8/dist-packages/blackboxprotobuf/lib/types/length_delim.py", line 309 in decode_group File "/usr/local/lib/python3.8/dist-packages/blackboxprotobuf/lib/types/length_delim.py", line 245 in decode_message File "/usr/local/lib/python3.8/dist-packages/blackboxprotobuf/lib/types/length_delim.py", line 294 in decode_lendelim_message File "/usr/local/lib/python3.8/dist-packages/blackboxprotobuf/lib/types/length_delim.py", line 14 in decode_guess File "/usr/local/lib/python3.8/dist-packages/blackboxprotobuf/lib/types/length_delim.py", line 175 in decode_message File "/usr/local/lib/python3.8/dist-packages/blackboxprotobuf/lib/types/length_delim.py", line 294 in decode_lendelim_message File "/usr/local/lib/python3.8/dist-packages/blackboxprotobuf/lib/types/length_delim.py", line 14 in decode_guess File "/usr/local/lib/python3.8/dist-packages/blackboxprotobuf/lib/types/length_delim.py", line 175 in decode_message File "/usr/local/lib/python3.8/dist-packages/blackboxprotobuf/lib/types/length_delim.py", line 294 in decode_lendelim_message File "/usr/local/lib/python3.8/dist-packages/blackboxprotobuf/lib/types/length_delim.py", line 14 in decode_guess File "/usr/local/lib/python3.8/dist-packages/blackboxprotobuf/lib/types/length_delim.py", line 175 in decode_message File "/usr/local/lib/python3.8/dist-packages/blackboxprotobuf/lib/types/length_delim.py", line 294 in decode_lendelim_message File "/usr/local/lib/python3.8/dist-packages/blackboxprotobuf/lib/types/length_delim.py", line 14 in decode_guess File "/usr/local/lib/python3.8/dist-packages/blackboxprotobuf/lib/types/length_delim.py", line 175 in decode_message File "/usr/local/lib/python3.8/dist-packages/blackboxprotobuf/lib/types/length_delim.py", line 309 in decode_group File "/usr/local/lib/python3.8/dist-packages/blackboxprotobuf/lib/types/length_delim.py", line 245 in decode_message File "/usr/local/lib/python3.8/dist-packages/blackboxprotobuf/lib/types/length_delim.py", line 309 in decode_group File "/usr/local/lib/python3.8/dist-packages/blackboxprotobuf/lib/types/length_delim.py", line 245 in decode_message File "/usr/local/lib/python3.8/dist-packages/blackboxprotobuf/lib/types/length_delim.py", line 309 in decode_group File "/usr/local/lib/python3.8/dist-packages/blackboxprotobuf/lib/types/length_delim.py", line 245 in decode_message File "/usr/local/lib/python3.8/dist-packages/blackboxprotobuf/lib/types/length_delim.py", line 309 in decode_group File "/usr/local/lib/python3.8/dist-packages/blackboxprotobuf/lib/types/length_delim.py", line 245 in decode_message File "/usr/local/lib/python3.8/dist-packages/blackboxprotobuf/lib/types/length_delim.py", line 294 in decode_lendelim_message File "/usr/local/lib/python3.8/dist-packages/blackboxprotobuf/lib/types/length_delim.py", line 14 in decode_guess File "/usr/local/lib/python3.8/dist-packages/blackboxprotobuf/lib/types/length_delim.py", line 175 in decode_message File "/usr/local/lib/python3.8/dist-packages/blackboxprotobuf/lib/types/length_delim.py", line 309 in decode_group File "/usr/local/lib/python3.8/dist-packages/blackboxprotobuf/lib/types/length_delim.py", line 245 in decode_message File "/usr/local/lib/python3.8/dist-packages/blackboxprotobuf/lib/types/length_delim.py", line 294 in decode_lendelim_message File "/usr/local/lib/python3.8/dist-packages/blackboxprotobuf/lib/types/length_delim.py", line 14 in decode_guess File "/usr/local/lib/python3.8/dist-packages/blackboxprotobuf/lib/types/length_delim.py", line 175 in decode_message File "/usr/local/lib/python3.8/dist-packages/blackboxprotobuf/lib/types/length_delim.py", line 309 in decode_group File "/usr/local/lib/python3.8/dist-packages/blackboxprotobuf/lib/types/length_delim.py", line 245 in decode_message File "/usr/local/lib/python3.8/dist-packages/blackboxprotobuf/lib/types/length_delim.py", line 294 in decode_lendelim_message File "/usr/local/lib/python3.8/dist-packages/blackboxprotobuf/lib/types/length_delim.py", line 14 in decode_guess File "/usr/local/lib/python3.8/dist-packages/blackboxprotobuf/lib/types/length_delim.py", line 175 in decode_message File "/usr/local/lib/python3.8/dist-packages/blackboxprotobuf/lib/types/length_delim.py", line 309 in decode_group ... Aborted (core dumped)

rwinkelmaier-ncc commented 1 year ago

Hi,

Could you check if you're using the code from this repo or the bbpb package on pip (https://pypi.org/project/bbpb/)? This looks like an older bug with how it tries to guess types on binary types. The current version should process messages in a way that prevents this by checking the length of all the fields adds up before recursing into them.

huikmnh commented 1 year ago

Yes, it is really the old version problem. I use Ubuntu 20.04 and pip3 install blackboxprotobuf. It sucks

Thank you for your time and blackboxprotobuf really helps.

rwinkelmaier-ncc commented 1 year ago

No problem.

As far as I know, you should be fine with the Ubuntu version. I would pip3 uninstall blackboxprotobuf and then pip3 install bbpb and see if that works.